pwnedOrNot – Find Compromised Email Passwords

pwnedOrNot is a tool that you can use to verify if your email address have been breached in the past. This will be important to test the account information and credentials and see if they were posted online. Usually there are several ways and methods to get sensitive information the first is using a malware that will capture sensitive information on infected host and send them to a remote system. second can be a database attack where attacker will have access to email accounts of users. another way is using a phishing campaign or social engineering technique where cyber-criminals will create a phishing website to collect users sensitive information.

Using any of the above techniques and more there will be more work to detect and reduce the damage of these attacks by monitoring information posted online. pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps.

pwnedOrNot - Find Passwords for Compromised Email Accounts

pwnedOrNot – Find Passwords for Compromised Email Accounts

haveibeenpwned offers a lot of information about the compromised email, some useful information is displayed by this script:

  • Name of Breach
  • Domain Name
  • Date of Breach
  • Fabrication status
  • Verification Status
  • Retirement status
  • Spam Status

And with all this information pwnedOrNot can easily find passwords for compromised emails if the dump is accessible and it contains the password.

You can read more and download this tool over here:

Notify of
Inline Feedbacks
View all comments